Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security

Authentication

Mobile

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

To InformationWeek

Network Computing Dark Reading

Advertise

Author

Profile of Terry Ray

Chief Technology Officer, Imperva

News & Commentary Posts: 4

Terry Ray has global responsibility for Imperva's technology strategy. He was the first US-based Imperva employee, and has been with the company for 14 years. He works with organizations around the world to help them discover and protect sensitive data, minimize risk for regulatory governance, set data security strategy and implement best practices.

Articles by Terry Ray

View Content By Month

Is 2019 the Year of the CISO?

7/16/2019
The case for bringing the CISO to the C-suite's risk and business-strategy table.
Post a Comment

Collateral Damage: When Cyberwarfare Targets Civilian Data

1/24/2019
You can call it collateral damage. You can call it trickledown cyberwarfare. Either way, foreign hacker armies are targeting civilian enterprises as a means of attacking rival government targets.
Post a Comment

Putting the S in SDLC: Do You Know Where Your Data Is?

3/8/2018
Data represents the ultimate attack surface. Avoid major data breaches (and splashy headlines) by keeping track of where your data is.
Post a Comment

GDPR & the Rise of the Automated Data Protection Officer

9/19/2017
Can artificial intelligence and machine learning solve the skills shortage as the EU's General Data Protection Regulation deadline approaches?
Post a Comment

Editors' Choice

Zero-Factor Authentication: Owning Our Data

Nick Selby, Chief Security Officer at Paxos Trust Company, 2/19/2020

44% of Security Threats Start in the Cloud

Kelly Sheridan, Staff Editor, Dark Reading, 2/19/2020

Firms Improve Threat Detection but Face Increasingly Disruptive Attacks

Robert Lemos, Contributing Writer, 2/20/2020

Live Events

Webinars

March 16-19, 2020: Data Center World Registration is open! Join Us

Data Center World: The leading conference & expo for Data Center and IT Infrastructure Professionals. Register Today!

Get Insights: Cisco vs Microsoft & More at EC20 Orlando

More Informa Tech Live Events

White Papers

Let's Talk: Why Language Matters in Cybersecurity

6 Emerging Cyber Threats That Enterprises Face in 2020

Digital Transformation Built on the Cloud

Are SAST Tools Glorified Grep?

2020 Security Trends to Watch

More White Papers

Video

Cartoon

Latest Comment: He said XP and 7 are both insecure? And Server 2003 and 2008 also? Can't have him saying those things! We don't have any ...

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Developing and Maintaining Secure Applications

How Enterprises Are Developing and Maintaining Secure Applications

The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.

Download Now!

How Enterprises are Attacking the Cybersecurity Problem

How Data Breaches affect the Enterprise

Rethinking Enterprise Data Defense

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Dark Reading - Bug Report

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-9342
PUBLISHED: 2020-02-22

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.

CVE-2020-9338
PUBLISHED: 2020-02-22

SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.

CVE-2020-9339
PUBLISHED: 2020-02-22

SOPlanning 1.45 allows XSS via the Name or Comment to status.php.

CVE-2020-9340
PUBLISHED: 2020-02-22

fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.

CVE-2020-9341
PUBLISHED: 2020-02-22

CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]